Пример #1
0
func (p *UpdateContactRequestHandler) IsAuthorized(req wm.Request, cxt wm.Context) (bool, string, wm.Request, wm.Context, int, error) {
	ucc := cxt.(UpdateContactContext)
	hasSignature, userId, _, err := apiutil.CheckSignature(p.authDS, req.UnderlyingRequest())
	if !hasSignature || err != nil {
		return hasSignature, "dsocial", req, cxt, http.StatusUnauthorized, err
	}
	if userId != "" {
		user, _ := p.ds.RetrieveUserAccountById(userId)
		ucc.SetAuthUser(user)
	}
	return userId != "", "", req, cxt, 0, nil
}
Пример #2
0
func (p *LogoutAccountRequestHandler) IsAuthorized(req wm.Request, cxt wm.Context) (bool, string, wm.Request, wm.Context, int, error) {
	lac := cxt.(LogoutAccountContext)
	hasSignature, userId, _, err := apiutil.CheckSignature(p.authDS, req.UnderlyingRequest())
	if !hasSignature || err != nil {
		return hasSignature, "dsocial", req, cxt, http.StatusUnauthorized, err
	}
	accessKey, _ := apiutil.RetrieveAccessKeyFromRequest(p.authDS, req.UnderlyingRequest())
	lac.SetAccessKey(accessKey)
	if userId != "" {
		user, _ := p.ds.RetrieveUserAccountById(userId)
		lac.SetUser(user)
	}
	return true, "", req, cxt, 0, nil
}
Пример #3
0
func (p *ViewAccountRequestHandler) IsAuthorized(req wm.Request, cxt wm.Context) (bool, string, wm.Request, wm.Context, int, error) {
	vac := cxt.(ViewAccountContext)
	hasSignature, userId, consumerId, err := apiutil.CheckSignature(p.authDS, req.UnderlyingRequest())
	if !hasSignature || err != nil {
		return hasSignature, "dsocial", req, cxt, http.StatusUnauthorized, err
	}
	if userId != "" {
		user, _ := p.ds.RetrieveUserAccountById(userId)
		vac.SetRequestingUser(user)
	}
	if consumerId != "" {
		consumer, _ := p.ds.RetrieveConsumerAccountById(consumerId)
		vac.SetRequestingConsumer(consumer)
	}
	return true, "", req, cxt, 0, nil
}
Пример #4
0
func (p *GeneratePrivateKeyRequestHandler) IsAuthorized(req wm.Request, cxt wm.Context) (bool, string, wm.Request, wm.Context, int, error) {
	gpkc := cxt.(GeneratePrivateKeyContext)
	hasSignature, userId, consumerId, err := apiutil.CheckSignature(p.authDS, req.UnderlyingRequest())
	if !hasSignature || err != nil {
		return hasSignature, "dsocial", req, cxt, http.StatusUnauthorized, err
	}
	if userId != "" {
		user, _ := p.ds.RetrieveUserAccountById(userId)
		gpkc.SetUser(user)
	}
	if consumerId != "" {
		consumer, _ := p.ds.RetrieveConsumerAccountById(consumerId)
		gpkc.SetConsumer(consumer)
	}
	if (userId != "" && gpkc.User() == nil) || (consumerId != "" && gpkc.Consumer() == nil) {
		gpkc.SetUser(nil)
		gpkc.SetConsumer(nil)
	}
	return true, "", req, cxt, 0, nil
}
Пример #5
0
func (p *CreateAccountRequestHandler) Forbidden(req wm.Request, cxt wm.Context) (bool, wm.Request, wm.Context, int, os.Error) {
	cac := cxt.(CreateAccountContext)
	hasSignature, userId, consumerId, err := apiutil.CheckSignature(p.authDS, req.UnderlyingRequest())
	if err != nil {
		return true, req, cxt, 403, err
	}
	if hasSignature {
		if userId != "" {
			user, _ := p.ds.RetrieveUserAccountById(userId)
			cac.SetRequestingUser(user)
		}
		if consumerId != "" {
			consumer, _ := p.ds.RetrieveConsumerAccountById(consumerId)
			cac.SetRequestingConsumer(consumer)
		}
		if (userId != "" && (cac.RequestingUser() == nil || !cac.RequestingUser().Accessible())) && (consumerId != "" && (cac.RequestingConsumer() == nil || !cac.RequestingConsumer().Accessible())) {
			// Cannot find user or consumer with specified id
			return true, req, cxt, 0, nil
		}
	}
	return false, req, cxt, 0, nil
}